43

I'm not sure why it isn't starting or why its preventing me from connecting, i get this error:

sshd.service - OpenSSH Daemon
    Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
   Active: failed (Result: start-limit) since Wed 2013-09-11 08:45:13 BST; 1min 21s ago
  Process: 701 ExecStart=/usr/bin/sshd -D (code=exited, status=1/FAILURE)

Sep 11 08:45:13 alarmpi systemd[1]: sshd.service: main process exited, code=exited, status=1/FAILURE
Sep 11 08:45:13 alarmpi systemd[1]: Unit sshd.service entered failed state.
Sep 11 08:45:13 alarmpi systemd[1]: sshd.service holdoff time over, scheduling restart.
Sep 11 08:45:13 alarmpi systemd[1]: Stopping OpenSSH Daemon...
Sep 11 08:45:13 alarmpi systemd[1]: Starting OpenSSH Daemon...
Sep 11 08:45:13 alarmpi systemd[1]: sshd.service start request repeated too quickly,    refusing to start.
Sep 11 08:45:13 alarmpi systemd[1]: Failed to start OpenSSH Daemon.
Sep 11 08:45:13 alarmpi systemd[1]: Unit sshd.service entered failed state.

On the advice of #amrith I ran sshd -t which indicated that the key had not been generate . I generated this using ssh-keygen -A on the advice given in this forum then running systemctl status showed that I am still not running the Daemon. I've attached the error below, sadly I don't know ho Re-running sshd -t gives no messages now.

sshd.service - OpenSSH Daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
   Active: inactive (dead)

Sep 11 12:04:42 alarmpi systemd[1]: Started OpenSSH Daemon.
Sep 11 12:04:42 alarmpi sshd[289]: fatal: Cannot bind any address.
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep 11 12:04:42 alarmpi systemd[1]: Unit sshd.service entered failed state.
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service holdoff time over, scheduling restart.
Sep 11 12:04:42 alarmpi systemd[1]: Stopping OpenSSH Daemon...
Sep 11 12:04:42 alarmpi systemd[1]: Starting OpenSSH Daemon...
Sep 11 12:04:42 alarmpi systemd[1]: sshd.service start request repeated too quickly, refusing to start.
Sep 11 12:04:42 alarmpi systemd[1]: Failed to start OpenSSH Daemon.
Sep 11 12:04:42 alarmpi systemd[1]: Unit sshd.service entered failed state.
aCoolBean
  • 431
  • 1
  • 4
  • 4

9 Answers9

53

Try the sshd test mode. It may point you to a reason for failure:

$ sshd -t

Refer to the test mode documentation here.

amrith
  • 668
  • 1
  • 5
  • 5
  • Great. I accidentally uninstalled openssh-server and was unaware of that.. `sshd` command not found got me to know that .. – Rick Jun 27 '22 at 14:37
19

The problem, in our case was that we use a non-standard port for SSH. SELinux can restrict which ports are able to be used by a service. Apparently it gets confused sometimes and forgets that we had allowed that port?

We had to issue the following command to add our port (22222) to the list of available ports

semanage port -a -t ssh_port_t -p tcp 22222

Reference: http://sharadchhetri.com/2014/10/15/centos-7-rhel-7-change-openssh-port-number-selinux-enabled/

dreua
  • 103
  • 2
Tommy McNeely
  • 376
  • 2
  • 4
13

Well if you change the SSH port number you have to do some more things in CentOS 7.

Change SSH port editing ssdh_config file

vi /etc/ssh/sshd_config

For example change to: Port 2323

SELINUX only allow port 22 for ssh. Add new port context 2323. If you have't installed do the following

yum -y install policycoreutils-python
semanage port -a -t ssh_port_t -p tcp 2323

Check the port context for ssh

semanage port -l | grep ssh

Restart SSHD service

systemctl restart sshd.service

Add the port to firewall

firewall-cmd --permanent --zone=public --add-port=2323/tcp

Reload firewall

firewall-cmd --reload

Check listening

ss -tnlp|grep ssh

Try connecting again trough ssh

ssh root@<ipaddr> -p 2323
Slipstream
  • 231
  • 2
  • 5
5

I also had this problem but solved it. My configuration is below.

PermitRootLogin no
port 22
MaxAuthTries 3
MaxSessions 2
AllowUsers ravikanth
AddressFamily any
ListenAddress 192.168.1.23

The service failed to start so I have just commented out the last line (#ListenAddress 192.168.1.23) then my server started successfully.

Note: I have turned off firewall (iptables) and SELinux.

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
ravikanth
  • 51
  • 1
  • 1
3

You may want to try using the following setting:

RestartSec=5s

That would force your application to sleep for 5 seconds prior to a restart attempt. You can obviously vary the number of settings.

See here for details:

masegaloeh
  • 17,978
  • 9
  • 56
  • 104
  • 1
    I upvoted this answer, because it contains useful information about how to fix the issue when the problem is in systemd and not the actual service (sshd in the OP case). I've had services with restart=always fail and not be restarted, several times. This answer might actually solve that issue with systemd. (Eventhough it is not directly related to the OP question). – MattBianco Jul 24 '15 at 06:04
  • Still relevant, as well. Thanks. This is helpful across a spectrum of services, especially in a container context. – jhchnc Jul 24 '22 at 01:14
3

Just follow this,

mkdir -p /var/run/sshd

and

/usr/sbin/sshd -ddd

This should fix your issue.

HBruijn
  • 72,524
  • 21
  • 127
  • 192
Aman Juman
  • 304
  • 2
  • 6
1

Cannot bind any address

If it tries to bind to a port (eg. by default: 22) below 1024, it needs root privilege to do that. Did you run service sshd start or something like that as root? Try editing the sshd.conf configuration file, set the bind address to a port greater than 1024 (eg. 1122) and run it as a simple user!

David Lakatos
  • 303
  • 1
  • 10
1

I had the same problem and the easiest solution I came through was to remove openssh and install it again.

 yum remove openssh

and then:

 yum install openssh openssh-server openssh-clients

then you can start sshd service:

 service sshd start
Ali Hashemi
  • 288
  • 1
  • 5
  • 15
-1

I had same problem. Just disabled SELinux!

tquang
  • 256
  • 1
  • 6